pith. sign in

arxiv: 2506.15028 · v1 · pith:RMOWLRATnew · submitted 2025-06-18 · 💻 cs.CR · cs.ET· cs.LG

Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices

classification 💻 cs.CR cs.ETcs.LG
keywords devicesmedicalml-enabledcybersecuritysecurityanalysisdesignmodels
0
0 comments X
read the original abstract

The integration of AI/ML into medical devices is rapidly transforming healthcare by enhancing diagnostic and treatment facilities. However, this advancement also introduces serious cybersecurity risks due to the use of complex and often opaque models, extensive interconnectivity, interoperability with third-party peripheral devices, Internet connectivity, and vulnerabilities in the underlying technologies. These factors contribute to a broad attack surface and make threat prevention, detection, and mitigation challenging. Given the highly safety-critical nature of these devices, a cyberattack on these devices can cause the ML models to mispredict, thereby posing significant safety risks to patients. Therefore, ensuring the security of these devices from the time of design is essential. This paper underscores the urgency of addressing the cybersecurity challenges in ML-enabled medical devices at the pre-market phase. We begin by analyzing publicly available data on device recalls and adverse events, and known vulnerabilities, to understand the threat landscape of AI/ML-enabled medical devices and their repercussions on patient safety. Building on this analysis, we introduce a suite of tools and techniques designed by us to assist security analysts in conducting comprehensive premarket risk assessments. Our work aims to empower manufacturers to embed cybersecurity as a core design principle in AI/ML-enabled medical devices, thereby making them safe for patients.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. SAMD: A Tool for Identifying False Data Injection Scenarios in AI/ML-enabled Medical Devices

    cs.CR 2026-05 unverdicted novelty 7.0

    SAMD automates STPA-Sec modeling of AI/ML medical devices as control structures to generate false data injection attack scenarios via LLMs and vulnerability data, evaluated on five FDA-cleared devices with reported pr...